Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1E5C8BB1C960715B62CEF2F80625BD655F7D65F55CAD6162EDCCD363D9862E57/0/3133312e3139362e302e302f32322d3234203d3e203532323733.roa
File:                     3133312e3139362e302e302f32322d3234203d3e203532323733.roa (raw, json)
Hash identifier:          FL6s9b/NBkrkYAKFQlYsZg0qHR+/ZdRP2x43qfGVdIU=
Subject key identifier:   CF:3E:87:33:E8:68:D9:65:C9:04:20:4E:A8:12:8C:55:14:B6:8B:B0
Certificate issuer:       /CN=3927FF3B5B92C88A2841A61BED02284FDFE90814
Certificate serial:       3266BCCE50B1FCD492B11392116E2E3A5066DB56
Authority key identifier: 39:27:FF:3B:5B:92:C8:8A:28:41:A6:1B:ED:02:28:4F:DF:E9:08:14
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3927FF3B5B92C88A2841A61BED02284FDFE90814.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1E5C8BB1C960715B62CEF2F80625BD655F7D65F55CAD6162EDCCD363D9862E57/0/3133312e3139362e302e302f32322d3234203d3e203532323733.roa
Signing time:             Tue 05 Mar 2024 17:58:22 +0000
ROA not before:           Tue 05 Mar 2024 17:53:22 +0000
ROA not after:            Tue 04 Mar 2025 17:58:22 +0000
asID:                     52273
IP address blocks:        131.196.0.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1E5C8BB1C960715B62CEF2F80625BD655F7D65F55CAD6162EDCCD363D9862E57/0/3927FF3B5B92C88A2841A61BED02284FDFE90814.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1E5C8BB1C960715B62CEF2F80625BD655F7D65F55CAD6162EDCCD363D9862E57/0/3927FF3B5B92C88A2841A61BED02284FDFE90814.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3927FF3B5B92C88A2841A61BED02284FDFE90814.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 27 Nov 2024 03:32:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:66:bc:ce:50:b1:fc:d4:92:b1:13:92:11:6e:2e:3a:50:66:db:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3927FF3B5B92C88A2841A61BED02284FDFE90814
        Validity
            Not Before: Mar  5 17:53:22 2024 GMT
            Not After : Mar  4 17:58:22 2025 GMT
        Subject: CN=CF3E8733E868D965C904204EA8128C5514B68BB0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:1e:d8:51:f0:8f:c5:fe:fc:4c:85:a5:54:ae:
                    03:d1:98:7e:15:a6:2a:10:83:f5:21:29:e2:e4:a1:
                    e7:76:b9:5c:26:b8:5e:2f:8b:43:8c:7d:06:da:0d:
                    13:98:79:73:d8:b1:16:03:38:8f:49:f1:7c:10:82:
                    bb:5b:97:9f:2f:1d:36:23:f9:58:6d:ac:c5:b0:bf:
                    a3:bf:7c:9f:bf:81:62:42:36:f5:de:31:a2:c8:3b:
                    10:05:6b:54:6a:72:22:54:00:ab:bc:62:bd:e7:b3:
                    78:83:14:52:9e:96:e4:e2:70:65:58:c7:54:03:5c:
                    69:18:69:f4:fa:0b:03:39:8b:72:6b:8f:00:77:b9:
                    a4:27:46:b8:4c:2f:04:48:b1:a8:13:4c:4c:69:71:
                    1b:7c:91:30:52:de:c2:e1:34:fb:59:34:44:db:97:
                    56:01:8a:9d:5b:4f:2a:3c:12:7e:76:6a:3d:f6:51:
                    bc:8a:3b:e1:ad:7e:c7:ae:41:21:9b:75:2a:d8:86:
                    98:5d:1e:90:21:f7:39:cd:59:62:27:ff:0f:ff:58:
                    e8:63:32:ed:d5:1a:36:1c:24:ef:6f:ff:da:36:23:
                    ec:10:1b:cf:52:fa:dd:be:93:72:69:45:aa:3e:a4:
                    fe:90:1e:b1:95:3e:ea:5f:87:69:75:cb:52:4e:ff:
                    61:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:3E:87:33:E8:68:D9:65:C9:04:20:4E:A8:12:8C:55:14:B6:8B:B0
            X509v3 Authority Key Identifier:
                keyid:39:27:FF:3B:5B:92:C8:8A:28:41:A6:1B:ED:02:28:4F:DF:E9:08:14

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1E5C8BB1C960715B62CEF2F80625BD655F7D65F55CAD6162EDCCD363D9862E57/0/3927FF3B5B92C88A2841A61BED02284FDFE90814.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3927FF3B5B92C88A2841A61BED02284FDFE90814.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1E5C8BB1C960715B62CEF2F80625BD655F7D65F55CAD6162EDCCD363D9862E57/0/3133312e3139362e302e302f32322d3234203d3e203532323733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.196.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         cf:9a:87:91:fd:10:5b:35:d8:c4:6d:4a:5e:3e:84:84:29:82:
         81:a4:95:b7:1c:17:0c:fb:2a:98:e0:f6:c1:3e:5e:08:02:c7:
         62:4c:c7:0f:7c:a6:9a:c3:15:81:9a:bf:6a:6a:14:5d:da:19:
         72:a1:51:8c:ca:ad:7d:1c:6f:7f:ab:fa:eb:3f:dc:a3:e6:6d:
         f5:a4:55:16:83:ca:76:1a:ec:52:88:9a:6f:87:b9:bc:21:c0:
         e6:c5:99:8d:c9:23:80:28:ae:51:c5:14:6e:f6:a1:a0:11:91:
         72:ea:df:97:94:1e:78:18:40:5e:94:ad:d1:4f:df:18:51:7f:
         d4:86:4e:b9:73:ff:6a:dc:6f:8e:ea:bb:fe:2c:ce:79:4b:7f:
         99:e1:29:86:c7:4c:bd:32:ff:18:af:ba:1e:0f:b6:b5:72:84:
         3f:53:75:20:a9:f3:2c:56:5a:65:08:9d:c3:74:27:6f:89:e7:
         4a:13:8c:f5:14:f1:de:ef:f2:80:c2:0c:9a:cf:e5:bd:6b:d4:
         9a:2a:53:65:93:3b:dc:59:97:cb:0d:31:c4:41:9e:8e:19:fd:
         78:77:3a:88:db:41:e4:20:32:04:e5:ca:e7:dd:9f:26:e1:91:
         9b:2b:dc:29:03:b3:0e:79:37:f0:18:fa:0e:9a:ce:0c:e7:f1:
         05:e7:7a:97
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUMma8zlCx/NSSsROSEW4uOlBm21YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzkyN0ZGM0I1QjkyQzg4QTI4NDFBNjFCRUQwMjI4NEZE
RkU5MDgxNDAeFw0yNDAzMDUxNzUzMjJaFw0yNTAzMDQxNzU4MjJaMDMxMTAvBgNV
BAMTKENGM0U4NzMzRTg2OEQ5NjVDOTA0MjA0RUE4MTI4QzU1MTRCNjhCQjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHHthR8I/F/vxMhaVUrgPRmH4V
pioQg/UhKeLkoed2uVwmuF4vi0OMfQbaDROYeXPYsRYDOI9J8XwQgrtbl58vHTYj
+VhtrMWwv6O/fJ+/gWJCNvXeMaLIOxAFa1RqciJUAKu8Yr3ns3iDFFKeluTicGVY
x1QDXGkYafT6CwM5i3JrjwB3uaQnRrhMLwRIsagTTExpcRt8kTBS3sLhNPtZNETb
l1YBip1bTyo8En52aj32UbyKO+GtfseuQSGbdSrYhphdHpAh9znNWWIn/w//WOhj
Mu3VGjYcJO9v/9o2I+wQG89S+t2+k3JpRao+pP6QHrGVPupfh2l1y1JO/2E5AgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUzz6HM+ho2WXJBCBOqBKMVRS2i7AwHwYDVR0j
BBgwFoAUOSf/O1uSyIooQaYb7QIoT9/pCBQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xRTVDOEJCMUM5NjA3MTVCNjJDRUYyRjgwNjI1QkQ2NTVG
N0Q2NUY1NUNBRDYxNjJFRENDRDM2M0Q5ODYyRTU3LzAvMzkyN0ZGM0I1QjkyQzg4
QTI4NDFBNjFCRUQwMjI4NEZERkU5MDgxNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zOTI3RkYzQjVCOTJDODhBMjg0
MUE2MUJFRDAyMjg0RkRGRTkwODE0LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUU1QzhCQjFDOTYwNzE1QjYyQ0VGMkY4MDYyNUJENjU1RjdENjVGNTVD
QUQ2MTYyRURDQ0QzNjNEOTg2MkU1Ny8wLzMxMzMzMTJlMzEzOTM2MmUzMDJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDM1MzIzMjM3MzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKDxAAwDQYJ
KoZIhvcNAQELBQADggEBAM+ah5H9EFs12MRtSl4+hIQpgoGklbccFwz7Kpjg9sE+
XggCx2JMxw98pprDFYGav2pqFF3aGXKhUYzKrX0cb3+r+us/3KPmbfWkVRaDynYa
7FKImm+HubwhwObFmY3JI4AorlHFFG72oaARkXLq35eUHngYQF6UrdFP3xhRf9SG
Trlz/2rcb47qu/4sznlLf5nhKYbHTL0y/xivuh4PtrVyhD9TdSCp8yxWWmUIncN0
J2+J50oTjPUU8d7v8oDCDJrP5b1r1JoqU2WTO9xZl8sNMcRBno4Z/Xh3OojbQeQg
MgTlyufdnybhkZsr3CkDsw55N/AY+g6azgzn8QXnepc=
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:36:26 2024 by rpki-client on console-ams.rpki-client.org